Much of what we write about, and often repeat around security in this newsletter is based on actual experiences and real-world stories that SpireTech has been a part of or privy to learn about from others in the security industry that...
SpireTech Company News and Tips
Security
The Latest Threat to Your Computer? Malware embedded in GPU’s
This month, a proof-of-concept (PoC) was sold on a hacker forum, suggesting that cybercriminals may be moving to a new level of sophistication in their assaults. By embedding malware inside video cards from AMD and NVIDIA, the criminals are able to better...
CISA: Don’t use single-factor auth on Internet-exposed systems
Today, the US Cybersecurity and Infrastructure Security Agency (CISA) announced that it has added single-factor authentication (SFA) to a rather short list of cybersecurity bad practices it recommends against. The CISA's "Bad Practices" list includes procedures...
Kaseya Hack and SpireTech’s response
Although SpireTech uses Kaseya software for systems management, neither SpireTech or our customers were victims of the latest headline news breach. Our response, analysis of the hack, explanation of why we were not...
Solarwinds Hack
SpireTech does not use any SolarWinds software. However, the longer-term effects of this hack are likely not going to be known for a while - if at all - because SolarWinds was used by...
MSP Security: Does Your MSP Protect You and Themselves?
To effectively monitor and manage their client’s systems MSPs (Managed service providers) often establish remote connections to all their client’s networks. Unfortunately, those multiple connections make MSPs a prime target for ransomware and hacking.
Trickboot malware can persist after complete reinstallation
Evolved from Emotet and Trickbot malware, Trickboot has the ability to modify your computer’s firmware – basically, the portion of code that lives in chips in your motherboard – to survive even after a complete wipe and...
Increase in recent WordPress Website hacks
Over the last two months, we have seen several customers have their WordPress websites hacked. Hackers installed a plugin or other backdoors and used the sites to send thousands of spam messages – or worse. All sites were successfully recovered from backup and...
Sample Work from Home Policy
We’ve had a few clients ask us about remote worker policies. We view this as an HR issue with possible legal implications, so you’ll want to seek advice appropriate to your firm. We’ve all had to relax the standards...
Enable M365 security features
M365 has several optional security features that are not turned on by default. The capabilities vary based on your subscription, but even the most basic subscriptions have features that we can enable. For the quickest,...